Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

fd1552174a...8.html

windows7-x64

3

fd1552174a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    84s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 20:27 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd1552174a82e4ef0cf25e006903e5c9_JaffaCakes118.html

  • Size

    3KB

  • MD5

    fd1552174a82e4ef0cf25e006903e5c9

  • SHA1

    96679c7115aa6163f72a3a0a4cd666ebe1468845

  • SHA256

    92003cc4d01c96a92f8203ac10b0c926dc834b229a762e3c89bede695fe6e3d2

  • SHA512

    24a912c1a8e53d86b33b3978a7c19e1da8319bb8232ca7e36f2472aabae59314084530fe44f9a24093d446c3183f8bbf8aaf9fecbbdfa19271bb680b53ed9b83

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fd1552174a82e4ef0cf25e006903e5c9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

  • flag-us
    DNS
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    party-nwvqdtumtz.now.sh
    IN A
    Response
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.123
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.9
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.238:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
    Date: Sat, 28 Sep 2024 18:49:18 GMT
    Expires: Sat, 28 Sep 2024 20:49:18 GMT
    Cache-Control: public, max-age=7200
    Age: 5878
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    404 B
     219 B
     5
    5
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    404 B
     219 B
     5
    5
  • 142.250.187.238:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    858 B
     18.7kB
     13
    17

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.250.187.238:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    366 B
     219 B
     5
    5
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    366 B
     219 B
     5
    5
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    288 B
     219 B
     5
    5
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    288 B
     219 B
     5
    5
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 76.76.21.123:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.8kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.9kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
     7.9kB
     10
    13
  • 8.8.8.8:53
    party-nwvqdtumtz.now.sh
    dns
    IEXPLORE.EXE
    69 B
     101 B
     1
    1

    DNS Request

    party-nwvqdtumtz.now.sh

    DNS Response

    76.76.21.123
    76.76.21.9

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f92bfb267b71273dd818878f9917d60d

    SHA1

    98c2bfc2057fc58bd5327f80d4f4823293442853

    SHA256

    831bf31975e00f531e673339830d9591daa033342642ab7042f0e26414701567

    SHA512

    6baa011aceb27569e086e2aa15170c33754991057e010c42cd3cdd48413cff5c98a09e647b4863eb0f0c394814aebf12bb0954e5c9be5dc6e5918ef0531ef8cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    288e6f3a43f10e1debf547132826ef07

    SHA1

    1c48472135469c4531101f537f0585714f31d36b

    SHA256

    649e2617de2a87c89085ea5f4a6b1ac0300d0e42bc776490f95dc61e8cc61b16

    SHA512

    7fea3a02e8a3b523147e0b2670ae1d9dc6312c241d464548cf50a390ab5b5a6755ecc664bb7354f51dd0cede321675c8e2e11d7d99c42d9af85da38c5f514d23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    546bcb2232156fa6069ae517ec4cd885

    SHA1

    4c94f8c70f79da4b5cf89094ae14a429d992d56b

    SHA256

    33af8aacf675e9f1bb16479dcd16ad4251e166210d1d6ceb7e5294d4ccfeafbb

    SHA512

    b152b740d3833fc04fc290585bbe1a23aab496cad9c71d3a81293dbaf5bb77baa11104b461a8cffb688edbb5e7674e5ded3b1f828e09e4b65853c3b755d6524b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b0488ccc24cac86062a21e23aee67a1

    SHA1

    65076d508862edcd591f94cb5c26b7c616bd2521

    SHA256

    2e46d11a27e10572c567bee1191873efc20450c26bf11266f04dc24c008da742

    SHA512

    d02547b977956e88df8ed0c234b071c4acaa5f76733be76dd007f7f2e92025b39f0928b4a5ec72928926709393995d5e2ec60e9248edae48991746ed17e29bb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82cb59f18ae88914a88e6423cb75196e

    SHA1

    5fd0bfc669f1ea4419d2e074bbe25f7fe8cf37b5

    SHA256

    01bb7753454d547a8259db2308ec1e02bd28e9a767eb48c72d4595a7f92ad183

    SHA512

    7c94152797a8d5606feda21b6d2dee1f6c93a2fce424d4c9d87b383b67516d4f085d862e8d3e80cb453fe7c3491709b3a5e259e98f3914eec70aaeea28f1a9a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    737e13ff4ae58db8ec6b7a075f92af12

    SHA1

    9063a2d806dd108c4d81a4e06df08209f0ba5b01

    SHA256

    0e9fb862f547410ac55f7bb4c0cdce4351125a45fb170ea4e0598c3d609ede90

    SHA512

    71b74352fcee9a86fd2a1bbbcd1e3f3f7aca8d9dd253bff95fa1ea1ed971ac2c7fca0be2e00c6b2a0f0db781f4d0ffdfdb495eb05110d508bd4451cc09ae45c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eac13920c260feae451e28347900e772

    SHA1

    b574e99691ff75e22b4078d1680288125980f4d4

    SHA256

    ce7af49bba49b3fd3105ab5e62bebba839b70957b1c9b12d010dd21c7e626faa

    SHA512

    670ec851592d7ee16b55e673061937701f5417dc0e4dd9529a059ee390445907ba40c495b3e10a87e839591ac344977c9f3aacf458a05f3d3cb085a61e585d59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dfa5894da65eb96ee88627fa93e2580

    SHA1

    1391a093ebef929a721a695578d043dbaa57f4fc

    SHA256

    bc13e8b93d407a0433fc1db39813ebb5540bda5832a479b50908f08269924656

    SHA512

    cbfd4c3742fd4cadd8ac64791622bd9d28bb04ef48a53d9f30688db459ac0be4711592400ac323b254b8ec935b67c88c2715a33b57276ce49a4583eb323219c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87e719c9689089a7b5e7bc93cbea0eaa

    SHA1

    8676fa04c66826cccba2911bfd0ff3f854c8025c

    SHA256

    edfc99db361a14d26b4ee92559bd1615d2766738f8ff8847f5413cd70c24272f

    SHA512

    2e689c91aac2baa40a0fd576cc3caed49e336abda01984254f2faa396e75e9ef6fe493634f59e825f6b75df71ecfca1767c6a0bebce707daa2466a6cf133d034

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f9142a295d8515e49f53e247e84787e

    SHA1

    e2c0abb80589d739268ef310bd3528e034007d5e

    SHA256

    b9e77dfa726168eb06864805590391e02fd8f8659e3a035d57e5055ca04c4aab

    SHA512

    834b361d3fa486fb7b9f321fc8cce9ed2942d3654a7563a7a54f3102b1212ffe56c9df190b6baed34fc10b81f677e1430be8e107c6793f65312c3ed06bc5a28c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fee526e6271f42b1a0c3384b82fe3d09

    SHA1

    8271d4235cdff0a3b1b1c2bb56a90905df530827

    SHA256

    8e21899fedfe5f2e4c94cb43437ca44f8ce56b371755e289561e7f826e0e320c

    SHA512

    b7fc059aa007f9927f451759f4bbc91d4b68e215bb6be376a519f7d768d9586f905d52a754660cce28599b57d8c38d2094cbd0d14c3fa738234658efd10bb35c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71ec698f85933cba1f7c49d288173d6c

    SHA1

    c33e38418d4ddfd0f01b10c6686ee666a0e10713

    SHA256

    d3b60068b8cfad19002c2685a2844e31f906f28e609899dc6c215a6ae63dc8f7

    SHA512

    d3c9a22d680dbbeaf8e9e0b825ff2ce44897daee3283c3613e788965d7085b5c5ba6cc64ad0276dcfa9445c7893aa525b5d467e447073d45c694b7bf13f28c91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    943bd706df953d5b6ed0a9f00d86e222

    SHA1

    4073b70d9b6c3f965e15bd59f1b2b82e8f2d0051

    SHA256

    a50ad5ccaae75ec99f968adc28c231024bf9cda6cbf1836a993c89805eb66448

    SHA512

    3774a209c1db048b1242b698eaf3ac0bb2166a0820a30932b3932d19e889d4e7bdcc0119644a75502ec1e91ee348a0e9e9004689b5c583964786a4cbbe846991

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c97b55e5a96c7e85d299534f724c7540

    SHA1

    b9d67e108a0b97e727e4edfec072394fd310abec

    SHA256

    2641c9a00f1e658970f31c061be5a40fc4657d068771463c8e80e934461cd29e

    SHA512

    7bfbf211ce3766a14f661b00f2d8dd835c42123b73e70a5f88c2ac5033d6a24d9a1bec2c3fe78a84a605c194e7903afb6ee741dc3f945748a55f19fc09dccce9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84a8c329478b36f3a62cf6767f07ad12

    SHA1

    49d9fde89373a93437c118e3c16571681629079c

    SHA256

    b0183deabfb17b13fea5fb1e3c19efc6a6a6cf904972a28424e9900cfa3f1d09

    SHA512

    9d720c00a4960001750b4a759dc6042af31ee9487fd6f28af794ef615e941dcd7966a56e40aa987e927b140a238f7804b85d121c7555122e73c222250e7e2e53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27aa80a2ba7b92567441aed423ec570b

    SHA1

    bccd737693924ef9493d5555113b28819728588e

    SHA256

    e8492786d0ea76d11b9ec9365f071efa58ca27e91aeee99c62cb1f5b056d5ee7

    SHA512

    ee653b62f9cbc2a3d3b7e4ee1358d1bc2febc686e6ab9229257553f5636c82c7ac65209c7113ba97e0dee747a47b27a9ce3a08068a197e11b78528a926272773

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0167762c521553a546c1c98fb958292d

    SHA1

    31dce15982cba8d8dc42025188c302910c7e0bed

    SHA256

    ad378bf36ebda379dd19eb4ecc759ec5bdfc47c4b525a01e5eab961ac8b50bf2

    SHA512

    74f9df58c9936cf7ce83d2f0df1194748c6473102497c149490762edef0f9b4e97f98e09ab02181796bafc93a5da864cfe31d3d3b5e142487062785dbb1a7fb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    462e5b12d4e8d8f981fdc791b2e86ac6

    SHA1

    5b50876daf0ecb1fc7348e476c4dd1512a25f742

    SHA256

    7e8b3b4ec00d1e23a00413ab31da7724144ef78fed745ad715bafe39091ce466

    SHA512

    8563526095e5fb48adf7503983fc0d83bfcd27d4ceb08fa02c423ddb208276aaf35b8a40bf55f860effea3c0d26751501485d2bb576b44e4506a92c6b9ad814a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    873de9d042232efc0bc967dfe67dbc80

    SHA1

    129d35d1e4347116a6ac2fa255b294f59543db1e

    SHA256

    03b5c9e6836855baf69fb5d516d4de3f5f78d8bd0f7ae165e715ee6afef4a508

    SHA512

    6a6e3148b0eae644ea8430057e49f0784be1728d19e7df278eb6096000747f19f54b611b48bb8e65eecc4e2fc395de3a1d4339800f85ae221354cb30b9a9c7eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffcd8a200de03a726f9c780f2a56eae3

    SHA1

    5a3b73f34c389291aae84462294642d12927c4f6

    SHA256

    2e98c887da182fe240113309bf24f60584686819ae32391be1efd0d75c230daa

    SHA512

    3e65ab4264e1a686c1bdbd39bedbe32f0f93acaa8878aaeb3227f2514ce505a9bcc8626cd427b24e01312de557e84f71ff6f251ceb0a5af4d0b48bb7c95321d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af39489403bbac0aa6607a1f2a68e0ed

    SHA1

    4f00f361999b5a1721e9ec0e18ca82d28106ac90

    SHA256

    679bd76e06e7ed1011f8cbe778e6a4cd3648d228662d4dc018ee94a9296bbf2a

    SHA512

    299bb02ce83b65f4111810c4b4d0f67f0e5adf5a5609dbdab5d24151053f293585681014304d9e85dbd9b2701577cfd4a9b10c275af8260ce7bc2d0098e11cfb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A75.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1AD7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.